└── README.md


/README.md:
--------------------------------------------------------------------------------
  1 | # App安全学习
  2 | 
  3 | ## 教程篇：
  4 | 
  5 | - [吾爱破解移动安全](https://www.52pojie.cn/thread-408645-1-1.html)
  6 | 
  7 | 
  8 | - [看雪论坛](https://bbs.pediy.com/)
  9 | 
 10 |     - [Android安全](https://bbs.pediy.com/forum-161.htm)
 11 |     - [iOS安全](https://bbs.pediy.com/forum-166.htm)
 12 | 
 13 | 
 14 | - [Brida:将frida与burp结合进行移动app渗透测试](http://www.4hou.com/penetration/6916.html)
 15 | - [iOS&&Android APP渗透测试环境搭建与方法命令 checklist](http://www.hackliu.com/?p=198)
 16 | - [CTF Wiki](https://ctf-wiki.github.io/ctf-wiki/android/basic_develop/basic_develop/)
 17 | - [Smali基础](https://ctf-wiki.github.io/ctf-wiki/android/basic_operating_mechanism/java_layer/smali/smali/)
 18 | - [移动APP漏洞自动化检测平台建设](https://security.tencent.com/index.php/blog/msg/109)
 19 | - [浅谈iOS应用安全自动化审计](https://security.tencent.com/index.php/blog/msg/105)
 20 | - [通过DIVA了解APP安全问题](http://www.mottoin.com/article/terminal/95379.html)
 21 | - [ARM反汇编](http://gslab.qq.com/portal.php?mod=view&aid=153)
 22 | - [Android知识技能必备](https://www.kancloud.cn/alex_wsc/android/344866)
 23 | - [Android免Root环境下Hook框架Legend原理分析](https://feicong.github.io/2017/02/12/legend/)
 24 | - [IDA Pro权威指南（第二版）](https://bbs.pediy.com/thread-194170.htm)
 25 | - [程序员都应该会的抓包工具 Charles](https://github.com/xiyouMc/PythonGuide/wiki/%E7%A8%8B%E5%BA%8F%E5%91%98%E9%83%BD%E5%BA%94%E8%AF%A5%E4%BC%9A%E7%9A%84%E6%8A%93%E5%8C%85%E5%B7%A5%E5%85%B7-Charles)
 26 | - ······
 27 | 
 28 | #### 加壳脱壳
 29 | 
 30 | - [Android中的Apk的加固(加壳)原理解析和实现](https://blog.csdn.net/jiangwei0910410003/article/details/48415225/)
 31 | - [APK脱壳简介](http://www.bigfog.info/2018/04/15/Apk%E8%84%B1%E5%A3%B3%E7%AE%80%E4%BB%8B/)
 32 | - [Apk脱壳圣战之---脱掉“爱加密”的壳](https://blog.csdn.net/jiangwei0910410003/article/details/51620236)
 33 | - [Apk脱壳圣战之---脱掉“360加固”的壳](https://blog.csdn.net/jiangwei0910410003/article/details/51769447)
 34 | - [Apk脱壳圣战之---如何脱掉“梆梆加固”的保护壳](https://blog.csdn.net/jiangwei0910410003/article/details/54409957)
 35 | - [拿到一个apk包后，怎么判断其是否加壳了？是否做了代码混淆？](https://www.zhihu.com/question/26438444)
 36 | - [常见app加固厂商脱壳方法研究](https://paper.seebug.org/44/)
 37 | - [[翻译]老外挑战360加固--实战分析（很详细）](https://bbs.pediy.com/thread-225561.htm)
 38 | 
 39 | 
 40 | ##
 41 | 
 42 | ## 工具篇：
 43 | 
 44 | 
 45 | #### Android 开发工具
 46 | 
 47 | - [Android Studio](https://developer.android.com/studio/#downloads)
 48 | - [Android SDK Tools](http://www.androiddevtools.cn/)
 49 | - [JDK 1.7](http://www.oracle.com/technetwork/java/javase/downloads/java-archive-downloads-javase7-521261.html)
 50 | - [JDK 1.8](http://www.oracle.com/technetwork/pt/java/javase/downloads/jdk8-downloads-2133151.html)
 51 | 
 52 | 
 53 | #### Android 模拟器
 54 | 
 55 | - [BlueStacks 蓝叠中国](http://www.bluestacks.cn/)
 56 | - [蓝叠全球](https://www.bluestacks.com/)（需扶墙，SS/SSR请开全局模式）
 57 | - [海马玩模拟器](http://droid4x.haimawan.com/)（需先安装VirtualBox）[VirtualBox](https://www.virtualbox.org/)
 58 | - [夜神模拟器](https://www.yeshen.com/)
 59 | - [MuMu模拟器](http://mumu.163.com/)
 60 | 
 61 | 
 62 | #### Apk查壳工具
 63 | 
 64 | - [ApkDetecter](https://github.com/Andy10101/ApkDetecter)
 65 | - [APK查壳工具PKID](https://xz.aliyun.com/t/2095)
 66 | 
 67 | #### Apk脱壳工具
 68 | 
 69 | - [dumpDex](https://github.com/WrBug/dumpDex)
 70 | - [dexdump](https://github.com/smartdone/dexdump)
 71 | - [drizzleDumper](https://github.com/DrizzleRisk/drizzleDumper)
 72 | 
 73 | 
 74 | #### App渗透测试框架 
 75 | 
 76 | - [drozer](https://github.com/mwrlabs/drozer)
 77 | - [Androguard](https://github.com/androguard/androguard)
 78 | - [Frida](https://github.com/frida/frida)
 79 |     - Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.
 80 | - [MobSF](https://github.com/MobSF/Mobile-Security-Framework-MobSF)
 81 |     - Mobile Security Framework(MobSF)是印度安全公司（[http://opensecurity.in](http://opensecurity.in)）开发的一个智能化、一体化的开放源代码的移动应用（Android / iOS/Windows）自动化测试框架，支持静态和动态分析，App后端Web API漏洞检测。
 82 | - [Inspeckage](https://github.com/ac-pm/Inspeckage)
 83 |     - 一个Xposed插件，用于调试和动态分析Android App。 
 84 | - ······
 85 | 
 86 | #### 逆向工具
 87 | 
 88 | - [Android-Crack-Tool](https://github.com/Jermic/Android-Crack-Tool)   (Only For Mac)
 89 | - [ClassyShark](https://github.com/google/android-classyshark/)
 90 | - [Apktool](https://ibotpeaches.github.io/Apktool/)
 91 | - [dex2jar](https://github.com/pxb1988/dex2jar)
 92 | - [Android Killer 1.3.1](https://down.52pojie.cn/Tools/Android_Tools/AndroidKiller_v1.3.1.zip)
 93 | - [jd-gui](http://jd.benow.ca/)
 94 | - [IDA Pro 7.0](https://www.52pojie.cn/thread-675251-1-1.html)
 95 | - ······
 96 | 
 97 | 
 98 | #### 抓包工具
 99 | 
100 | - [Fiddler](https://www.techspot.com/downloads/5461-fiddler.html)
101 | - [Charles](https://www.charlesproxy.com/download/latest-release/)
102 | - [Burp Suite](https://portswigger.net/burp) 
103 | - [Wireshark](https://www.wireshark.org/#download)
104 | 
105 | 
106 | #### Android APP在线漏洞检测平台（不分先后）
107 | 
108 | - [腾讯金刚审计系统](https://service.security.tencent.com/kingkong)
109 | - [梆梆](https://dev.bangcle.com/)
110 | - [360显微镜](http://appscan.360.cn/)
111 | - [爱内测](http://www.ineice.com/)
112 | - [NAGA·IN](http://www.ineice.com/)
113 | - ······
114 | 


--------------------------------------------------------------------------------